The default implementation of $*USER and $*GROUP call an external program and parses the result at the moment. This is something you do not want to do for every access to $*USER.
I recommend that the POSIX module installs its own version of $*USER / $*GROUP handling in PROCESS::<$USER> and PROCESS::<$GROUP>, which can then correctly reflect changes in privileges. Something akin to:
PROCESS::<$USER> := POSIX::getuid;
PROCESS::<$GROUP> := POSIX::getgid;
My advise: ENOTABUG, can be closed.
Liz